CVE-2014-3036Use After Free in IBM API Management

CWE-416Use After Free5 documents5 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 55.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM API Management
Timeline
PublishedJun 8
Latest updateOct 15

Description

Unspecified vulnerability in IBM API Management 3.0.0.0, when basic authentication is used for APIs, allows remote attackers to bypass intended restrictions on topology access, and obtain sensitive information, via unknown vectors.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDibm/api_management3.0.0.0

🔴Vulnerability Details

3
OSV
Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue2025-10-15
GHSA
GHSA-wqcv-4fmp-436f: Unspecified vulnerability in IBM API Management 32022-05-17
CVEList
CVE-2014-3036: Unspecified vulnerability in IBM API Management 32014-06-08
CVE-2014-3036 — Use After Free in IBM API Management | cvebase